PrestaShop is a popular, open-source e-commerce platform empowering small, medium, and large online stores.
It’s packed with hundreds of free features such as a website builder, store templates, and payment modules. More than 270,000 e-commerce vendors use PrestaShop to sell their products online. By being open-source, PrestaShop benefits from superior security, transparency, and adaptability over closed source software. In today’s online environment, we highly recommend you to learn how to move a PrestaShop site from HTTP to HTTPS.
If your website runs on PrestaShop, you’ve already made a wise decision for your business. The platform has proven over the years to be a powerful and reliable solution to all e-commerce needs. However, to make your online store even more secure, but most importantly compliant with e-commerce regulations, it’s a must to install an SSL Certificate on your website. Don’t have one yet? SSL Dragon is your one-stop place for SSL value deals and discounts.
While this article focuses on how to move a PrestaShop site from HTTP to HTTPS after you’ve already bought an SSL Certificate, here are a couple of useful links to get you started with SSL encryption.
A technical overview of how SSL certificates work
How to choose the best SSL certificate for your website?
Why is an SSL Certificate important for your online store?
7 Reasons Why You Should Get an SSL Certificate for Your Blog
SSL Wizard – arguably the best tool to help you choose the right SSL Certificate for your store.
After you buy and install the SSL Certificate on your server, (Here you can find detailed installation instructions for your SSL brand and server platform) your next step is to move your website.
Fortunately, PrestaShop has a built-in SSL activation in its intuitive web interface. All you have to do is log into the PrestaShop admin dashboard, and browse Preferences > General. Once there, click on the following link: “Please click here to use HTTPS protocol before enabling SSL”. It’s located on top of the General page, next to the Enable SSL option.
You need to perform this action to make sure your SSL installation works properly. When everything is fine, the Enable field displays YES and NO options. If something is wrong with your SSL configuration, you receive a warning message. Assuming all is well, simply select the “Enable SSL on all pages” option and complete the HTTPS activation. Save your changes, and then refresh the page, now your entire website should be served over HTTPS.
Unfortunately, this action alone is usually not enough to move a PrestaShop site from HTTP to HTTPS. You still may face annoying errors like Error 500, 404 not found, or 102. The good news is you can remove the majority of errors by yourself, and only in some cases, you’ll have to contact your hosting provider. Here’s what you can do on your own:
Create 301 redirects
As the name implies, this command will redirect users, in our case to SSL-enabled connections. 301 redirects permanently change the web address of the page from an old URL to a new one. In PrestaShop, the easiest way to achieve this is via a paid redirect module available on the PrestaShop marketplace.
Alternatively, you can do it for free, by creating 301 redirects manually in the .htacces file. Different server platforms use different code to accomplish this. Contact your hosting provider and ask them for the appropriate code.
Avoid mixing secure and insecure content on a web page
Even if just one of your media files continues to be served over HTTP, browsers will display a warning message about insecure content. Here’s an example of a HTML snippet that can activate the SSL warning: <a href=”http://www.yoursite.com/images/photo.jpg”>View my pic</a>
As you can see, the hyperlink references a non-secure HTTP resource (photo.jpg file). To resolve this issue, you can simply use relative links. For instance you could rewrite the unsecured HTML snippet as following <a href=”/images/photo.jpg”>View My Pic</a>. An even simpler solution is to modify all your hyperlinks to us https instead of HTTP.
Scan your entire code
Make sure no to check and change all your links. Your theme and plugins source code may still contain old HTTP elements. Replace them as soon as possible.
Let Google know that you’ve moved from HTTP to HTTPS
Add the HTTPS URLs and submit the XML sitemap to Google website tools. Use Robots.txt file to control which pages Google will crawl and index.
From here onward, is important to monitor the changes you’ve made, and keep your PrestaShop platform, website’s theme, and modules up to date with the latest release versions. Now that you know how to move a PrestaShop site from HTTP to HTTPS, your existing and the future online project will always remain secure.